From 45df4d0d9b577fecee798d672695fe24ff57fb1b Mon Sep 17 00:00:00 2001 From: mo khan Date: Tue, 15 Jul 2025 16:37:08 -0600 Subject: feat: migrate from Cedar to SpiceDB authorization system This is a major architectural change that replaces the Cedar policy-based authorization system with SpiceDB's relation-based authorization. Key changes: - Migrate from Rust to Go implementation - Replace Cedar policies with SpiceDB schema and relationships - Switch from envoy `ext_authz` with Cedar to SpiceDB permission checks - Update build system and dependencies for Go ecosystem - Maintain Envoy integration for external authorization This change enables more flexible permission modeling through SpiceDB's Google Zanzibar inspired relation-based system, supporting complex hierarchical permissions that were difficult to express in Cedar. Breaking change: Existing Cedar policies and Rust-based configuration will no longer work and need to be migrated to SpiceDB schema. --- .../google/yamlfmt/internal/logger/debug.go | 53 ++++++++++++++++++++++ 1 file changed, 53 insertions(+) create mode 100644 vendor/github.com/google/yamlfmt/internal/logger/debug.go (limited to 'vendor/github.com/google/yamlfmt/internal/logger') diff --git a/vendor/github.com/google/yamlfmt/internal/logger/debug.go b/vendor/github.com/google/yamlfmt/internal/logger/debug.go new file mode 100644 index 00000000..5a82c3c1 --- /dev/null +++ b/vendor/github.com/google/yamlfmt/internal/logger/debug.go @@ -0,0 +1,53 @@ +// Copyright 2024 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package logger + +import ( + "fmt" + + "github.com/google/yamlfmt/internal/collections" +) + +type DebugCode int + +const ( + DebugCodeAny DebugCode = iota + DebugCodeConfig + DebugCodePaths + DebugCodeDiffs +) + +var ( + supportedDebugCodes = map[string][]DebugCode{ + "config": {DebugCodeConfig}, + "paths": {DebugCodePaths}, + "diffs": {DebugCodeDiffs}, + "all": {DebugCodeConfig, DebugCodePaths, DebugCodeDiffs}, + } + activeDebugCodes = collections.Set[DebugCode]{} +) + +func ActivateDebugCode(code string) { + if debugCodes, ok := supportedDebugCodes[code]; ok { + activeDebugCodes.Add(debugCodes...) + } +} + +// Debug prints a message if the given debug code is active. +func Debug(code DebugCode, msg string, args ...any) { + if activeDebugCodes.Contains(code) { + fmt.Printf("[DEBUG]: %s\n", fmt.Sprintf(msg, args...)) + } +} -- cgit v1.2.3